The World Privacy Forum filed comments with the Department of Transportation today regarding the department’s publication of the detailed personal medical information of individuals subject to DOT regulations in the Federal Register along with their names, ages, and other identifying information. The WPF comments argue that personal medical information combined with name, age, etc. does not belong in the Federal Register, where it can have potentially far-reaching consequences for those individuals who are named as well as their family members.

This new WPF report finds that medical identity theft is still a crime that causes great harms to its victims, and that it is growing overall in the United States; however, there’s a catch. The national consumer complaint data suggests that the crime is growing at different rates in different states and regions of the US, creating medical identity theft “hotspots.” These hotspots are important for patients, policymakers, and healthcare stakeholders to know about so as to address potential risks.

WPF has conducted original research on India's Aadhaar, a national biometric ID system, including field research in India during 2010-2014. WPF has published the original research in a peer-reviewed journal, Nature-Springer, and in Harvard-based Journal of Technology Science. The research found that systemic challenges to data protection and privacy exist in the Aadhaar system, challenges which do have potential remedies. Key lessons can be learned for both the US and the EU as biometric systems grow in popularity.